Research On Detection And Protection Of Sensitive Messages’ Leakage On Mobile Intelligent Devices

There’re so many reasons to make mobile intelligent terminals more and more important in our daily lives. For example, mobile OS has a great development in these years, both the popularization of the wireless network and the growth of mobile application markets are increasing at a high speed. Meanwhile, there’s a lot of personal sensitive information preserved in the mobile intelligent terminals. Because of this fact, many organizations have attempted to obtain personal sensitive information preserved in mobile intelligent terminals with different purposes. Developers of software applications may steal users’information by appending extra codes in the applications. Public security organizations and judiciaries need to obtain criminal evidences by analyzing criminals’mobile intelligent devices.In this paper, we put our research on the detection and protection of the sensitive information’s leakage in mobile intelligent terminals. The research includes the forensics about users’ data in Android third-part applications, and the detection and protection of users’ sensitive information’s leakage on Android devices. The main jobs of this thesis are as following:1. We analyzed current situations about mobile intelligent platforms’development and security problems remained on the Android platform. At the same time, besides the detection and protection of users’sensitive information’s leakage on the Android platform, we also list current research achievements about the forensics methods in digital devices.2. We did research on the technical background about Android security and forensics, including Android framework, Android security mechanism, data reservation method of Android applications, common encryption/hash algorithms used in Android applications, Binder IPC model, retrieva/calling mechanisms of system services, loading mechanisms of DLL, process injection, analyzing of ELF documents, and so on.3. We designed a forensics system according to the requirement. The system aimed on users’ data preserved in Android third-part applications, and achieved the following goals like extracting applications’data from Android devices, analyzing users’operation in the data automatically. We also designed an accessing method which based on reverse engineering to grab encryption algorithms in Android applications.4. We designed an Android monitor system based on dynamic analysis method to monitor the leakage of users’sensitive information. The system could record and block the calling for system authority services in the background process as users’strategy.